Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/Dqz0eegQY3ZODQuOmrDBkeoTRDI.roa
File: Dqz0eegQY3ZODQuOmrDBkeoTRDI.roa (raw, json)
Hash identifier: YgyqalGqcanfQmP+Nn3cEpURWJEx3DrHOHB9CXxVVWc=
Subject key identifier: 0E:AC:F4:79:E8:10:63:76:4E:0D:0B:8E:9A:B0:C1:91:EA:13:44:32
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 01856D41B19419FED9576E2B800CE12E5F7A
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/Dqz0eegQY3ZODQuOmrDBkeoTRDI.roa
Signing time: Sun 01 Jan 2023 12:14:59 +0000
ROA not before: Sun 01 Jan 2023 12:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9166
IP address blocks: 212.113.64.0/19 maxlen: 24
62.233.0.0/19 maxlen: 24
2a02:239c:0:20::/64 maxlen: 64
2a02:2398::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:b1:94:19:fe:d9:57:6e:2b:80:0c:e1:2e:5f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Jan 1 12:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eacf479e81063764e0d0b8e9ab0c191ea134432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:bf:84:49:ce:b5:31:7d:c3:78:ae:46:fa:
ee:04:ef:c9:11:33:64:9a:fd:2e:cd:39:27:32:50:
00:91:9b:93:2f:32:a8:41:65:15:3d:0a:24:95:09:
9a:31:a1:84:fa:4f:28:4c:59:a3:13:bc:a7:bb:9a:
8c:ed:8b:e9:09:dd:02:46:49:bb:1f:fa:f9:1e:3b:
fc:fb:ac:a1:90:d2:1d:73:fd:c5:50:d5:37:5c:e6:
c7:53:71:d3:52:2c:34:af:9d:d0:fe:a8:a7:62:33:
2e:61:2b:d2:77:ce:f9:b2:24:6d:d5:df:bc:8b:f8:
ee:35:8a:5d:07:0d:69:12:51:60:8e:b5:d7:d7:e2:
1e:94:c4:5b:91:88:5b:65:23:58:78:c1:de:0c:95:
6a:a8:9e:e3:c4:59:fe:1b:29:dc:8a:a1:f9:b2:73:
10:6e:80:36:07:3c:cc:09:b6:d2:58:35:1c:08:96:
39:5a:94:bd:39:f1:0a:45:a6:be:67:bb:af:83:7e:
dd:c2:6e:50:e4:6b:5f:95:36:49:3b:f4:8c:83:98:
90:ac:d4:24:8a:be:cf:f7:20:69:dc:b1:3b:12:53:
19:4f:bb:3a:d6:fa:66:8f:9d:bd:06:9e:1b:b4:90:
9c:bd:6f:b4:d2:00:58:ad:93:c4:50:4f:d9:75:5d:
c0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AC:F4:79:E8:10:63:76:4E:0D:0B:8E:9A:B0:C1:91:EA:13:44:32
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/Dqz0eegQY3ZODQuOmrDBkeoTRDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.0.0/19
212.113.64.0/19
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
89:b6:ba:18:3f:e2:6f:f4:34:c8:d6:61:dc:bf:44:30:a1:c1:
cb:0f:f4:84:b4:f9:12:93:07:ad:91:00:63:58:06:d8:45:74:
96:f0:88:dc:c2:f1:03:d5:8a:bd:06:23:e0:6e:69:75:02:74:
f5:2d:0c:5d:72:d2:6b:b1:43:cd:4f:ec:ba:30:c6:3d:a1:41:
99:25:ff:ec:a3:3a:95:9d:a4:4c:ad:24:e8:b3:84:1f:ad:d8:
c3:f8:7c:86:12:bd:95:64:54:23:ef:6a:22:5b:7a:f3:45:c4:
0c:17:ea:7d:d4:bc:f8:a3:ad:93:39:c4:e2:65:dc:8c:74:1b:
d3:8e:47:9b:2b:94:4e:9a:8b:0f:bb:72:cb:ab:3f:28:75:16:
52:90:1b:6e:36:a9:33:e9:a1:6c:6d:c1:f4:32:8b:01:21:5b:
d1:2a:53:75:db:6e:65:de:42:41:30:78:b8:04:4f:16:9d:6e:
cb:f5:7f:a7:63:94:3c:ed:f8:a7:56:ec:09:84:c9:8f:0e:f7:
b9:2e:a1:d5:10:db:e9:52:77:c2:21:81:9b:d1:1c:ce:d6:47:
4e:61:e6:dd:d2:2c:ab:6c:52:25:21:09:8f:32:f7:09:fc:3c:
04:44:59:e8:b7:1f:8d:50:fc:6a:f5:e3:e5:4d:a0:cf:fa:ae:
92:7f:6d:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtQbGUGf7ZV24rgAzhLl96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzc1MjIzMjFjMjNkMTY5ZWQzMzJmZjQ5ODc5Y2NjMjQ1
MTcyZGIwHhcNMjMwMTAxMTIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFjZjQ3OWU4MTA2Mzc2NGUwZDBiOGU5YWIwYzE5MWVhMTM0NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnly/hEnOtTF9w3iuRvruBO/JETNk
mv0uzTknMlAAkZuTLzKoQWUVPQoklQmaMaGE+k8oTFmjE7ynu5qM7YvpCd0CRkm7
H/r5Hjv8+6yhkNIdc/3FUNU3XObHU3HTUiw0r53Q/qinYjMuYSvSd875siRt1d+8
i/juNYpdBw1pElFgjrXX1+IelMRbkYhbZSNYeMHeDJVqqJ7jxFn+GynciqH5snMQ
boA2BzzMCbbSWDUcCJY5WpS9OfEKRaa+Z7uvg37dwm5Q5GtflTZJO/SMg5iQrNQk
ir7P9yBp3LE7ElMZT7s61vpmj529Bp4btJCcvW+00gBYrZPEUE/ZdV3AMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA6s9HnoEGN2Tg0LjpqwwZHqE0QyMB8GA1UdIwQY
MBaAFB3HUiMhwj0WntMy/0mHnMwkUXLbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYt
NzA1NTM5M2Y3NWZlLzEvRHF6MGVlZ1FZM1pPRFF1T21yREJrZW9UUkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYtNzA1NTM5M2Y3NWZl
LzEvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPukAAwQF
1HFAMA0EAgACMAcDBQMqAiOYMA0GCSqGSIb3DQEBCwUAA4IBAQCJtroYP+Jv9DTI
1mHcv0QwocHLD/SEtPkSkwetkQBjWAbYRXSW8IjcwvED1Yq9BiPgbml1AnT1LQxd
ctJrsUPNT+y6MMY9oUGZJf/sozqVnaRMrSTos4QfrdjD+HyGEr2VZFQj72oiW3rz
RcQMF+p91Lz4o62TOcTiZdyMdBvTjkebK5ROmosPu3LLqz8odRZSkBtuNqkz6aFs
bcH0MosBIVvRKlN1225l3kJBMHi4BE8WnW7L9X+nY5Q87finVuwJhMmPDve5LqHV
ENvpUnfCIYGb0RzO1kdOYebd0iyrbFIlIQmPMvcJ/DwERFnotx+NUPxq9ePlTaDP
+q6Sf20k
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:24 2024 by rpki-client on console-fra.rpki-client.org